package com.dysm.spring.security.controller;

import org.springframework.http.ResponseEntity;
import org.springframework.security.access.annotation.Secured;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;


@RestController
public class TokenController {

    @Secured("ROLE_ADMIN")
    @GetMapping(path = "/security/hello")
    public ResponseEntity<String> test(@RequestParam("name") String name) {
        return ResponseEntity.ok(name + "：你好！");
    }

    @Secured({"ROLE_ADMIN","ROLE_EMP"})
    @GetMapping(path = "/security/say")
    public ResponseEntity<String> say(@RequestParam("name") String name,
                                      @RequestParam(required = false, name = "content") String content) {
        return ResponseEntity.ok(name + "说：" + content);
    }
}
